New cloud worm “PCPJack” targets exposed infrastructure for credential theft.• Docker & Kubernetes targeted• API keys and SSH secrets harvested• Telegram-based C2 observed• No cryptomining payloads

technadu@infosec.exchange

New cloud worm “PCPJack” targets exposed infrastructure for credential theft.
• Docker & Kubernetes targeted
• API keys and SSH secrets harvested
• Telegram-based C2 observed
• No cryptomining payloads

Cloud Credential Worm ‘PCPJack’ Targets TeamPCP Victims

PCPJack is a cloud worm that evicts TeamPCP tools and steals credentials from Kubernetes, Docker, Anthropic, and OpenAI environments.

TechNadu (www.technadu.com)

Are credential-focused cloud attacks the new norm?

#InfoSec #CloudSecurity #CyberSecurity

CIRCLE WITH A DOT

New cloud worm “PCPJack” targets exposed infrastructure for credential theft.• Docker &amp; Kubernetes targeted• API keys and SSH secrets harvested• Telegram-based C2 observed• No cryptomining payloads

Cloud Credential Worm ‘PCPJack’ Targets TeamPCP Victims

New cloud worm “PCPJack” targets exposed infrastructure for credential theft.• Docker & Kubernetes targeted• API keys and SSH secrets harvested• Telegram-based C2 observed• No cryptomining payloads